Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
File: d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa (raw, json)
Hash identifier: 1VdH/6X3jXq1uQ6F0c5m+RhLLR9dsVFpa1oiMH8I/jA=
Subject key identifier: E6:EC:EF:DD:EA:06:01:32:CA:96:16:F7:51:21:4A:0B:33:68:B9:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11C72B064ECE307FEC6034BAEEE6676EEBBBCB79
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
Signing time: Mon 06 Oct 2025 18:10:03 +0000
ROA not before: Mon 06 Oct 2025 18:10:03 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:c7:2b:06:4e:ce:30:7f:ec:60:34:ba:ee:e6:67:6e:eb:bb:cb:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:10:03 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=1143449942eb1051aca0bcaa98174bfe906c2c8ff4c06c4cb768eb0ccb6c7bfd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:8c:c2:40:24:0c:58:98:2b:15:75:52:b7:2f:
ba:3a:90:2d:47:5a:ea:30:c8:44:be:c3:53:d3:0e:
68:35:45:f4:8b:2f:6d:90:a0:ed:22:3c:d8:d0:57:
92:30:9e:dc:02:7b:1b:75:81:6e:5d:81:f4:d9:bc:
e0:44:0c:16:6e:eb:b1:70:87:15:59:88:01:ba:fc:
ec:96:3b:e9:ee:43:86:18:98:64:61:88:a5:8b:e6:
89:86:90:e9:61:a6:0b:16:ba:f5:07:34:04:8e:7a:
4b:c8:66:b6:a2:84:27:c2:15:07:19:08:72:a4:62:
8a:12:01:ab:84:84:f0:9b:fd:ca:5f:3f:1a:61:1a:
94:34:f8:05:b0:54:be:32:9a:ca:56:8f:cc:f3:90:
24:ef:52:11:04:c6:7e:31:c7:3c:23:6e:97:d1:7c:
fd:b6:4f:00:64:77:f1:fd:b8:68:48:db:ff:35:93:
78:a9:7e:37:56:15:10:31:e6:bc:60:d3:60:5a:a6:
82:6e:f1:28:a7:e3:1f:b8:54:a1:f9:2c:58:6a:c4:
8e:e4:30:7b:93:51:aa:0d:26:70:d2:70:38:53:66:
82:97:e5:57:a3:1a:f4:58:14:a2:91:8d:c6:8d:4e:
3d:c4:ed:37:bd:2b:3b:d8:0e:e3:ac:4c:46:59:5e:
c3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:EC:EF:DD:EA:06:01:32:CA:96:16:F7:51:21:4A:0B:33:68:B9:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c040::/46
Signature Algorithm: sha256WithRSAEncryption
0a:fd:6f:24:cb:ff:cb:df:0f:d0:20:82:65:d8:1c:e1:61:41:
8e:d4:86:67:e5:6c:b5:f8:e1:a9:fa:14:52:46:2b:5d:fc:50:
98:f1:54:66:e5:4c:3f:8f:c8:c5:4a:0e:93:54:58:3a:c1:cc:
29:ca:c0:a7:55:c0:4c:4c:37:37:fa:40:1b:4d:59:2c:da:2c:
38:3a:31:1c:48:0c:d4:fd:c3:0b:fb:75:d3:d5:9d:62:8f:16:
89:92:94:92:f5:c3:74:25:67:d5:c4:74:e9:78:f6:16:2f:e9:
9f:91:26:85:80:74:d1:89:28:ce:36:84:a6:c7:37:b3:bd:80:
c8:fd:ec:a4:2f:6c:42:52:4a:bf:7b:85:8a:c9:7d:e9:f5:1c:
1c:f2:dc:a4:36:01:d1:5f:32:d8:57:b1:7c:0b:d7:ac:a7:b4:
29:08:cc:0e:01:3b:75:9e:b2:92:78:b8:ed:88:da:e8:94:28:
f6:81:1e:17:75:87:88:c8:a1:84:54:77:6f:14:87:71:e4:b9:
ee:48:2c:6b:cf:49:b5:d4:c8:8a:d8:7d:1e:11:b7:95:ec:c5:
b2:e9:de:41:dc:32:8e:f3:7d:50:0d:1f:b6:19:6b:ab:58:3c:
5f:f3:b9:a4:94:8a:ce:93:e1:da:5b:6a:9f:97:0d:6a:fd:14:
94:be:4e:21
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEccrBk7OMH/sYDS67uZnbuu7y3kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODEwMDNaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDExNDM0NDk5NDJlYjEwNTFhY2EwYmNhYTk4MTc0YmZlOTA2YzJjOGZmNGMw
NmM0Y2I3NjhlYjBjY2I2YzdiZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOaMwkAkDFiYKxV1UrcvujqQLUda6jDIRL7DU9MOaDVF9IsvbZCg7SI82NBX
kjCe3AJ7G3WBbl2B9Nm84EQMFm7rsXCHFVmIAbr87JY76e5DhhiYZGGIpYvmiYaQ
6WGmCxa69Qc0BI56S8hmtqKEJ8IVBxkIcqRiihIBq4SE8Jv9yl8/GmEalDT4BbBU
vjKaylaPzPOQJO9SEQTGfjHHPCNul9F8/bZPAGR38f24aEjb/zWTeKl+N1YVEDHm
vGDTYFqmgm7xKKfjH7hUofksWGrEjuQwe5NRqg0mcNJwOFNmgpflV6Ma9FgUopGN
xo1OPcTtN70rO9gO46xMRllew7cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTm7O/d
6gYBMsqWFvdRIUoLM2i5BjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDFjMDFjOTItNGEyZS00MGM4LTliNzItZTY1M2FjOTg5NmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPA
QDANBgkqhkiG9w0BAQsFAAOCAQEACv1vJMv/y98P0CCCZdgc4WFBjtSGZ+Vstfjh
qfoUUkYrXfxQmPFUZuVMP4/IxUoOk1RYOsHMKcrAp1XATEw3N/pAG01ZLNosODox
HEgM1P3DC/t109WdYo8WiZKUkvXDdCVn1cR06Xj2Fi/pn5EmhYB00YkozjaEpsc3
s72AyP3spC9sQlJKv3uFisl96fUcHPLcpDYB0V8y2FexfAvXrKe0KQjMDgE7dZ6y
kni47Yja6JQo9oEeF3WHiMihhFR3bxSHceS57kgsa89JtdTIith9HhG3lezFsune
QdwyjvN9UA0fthlrq1g8X/O5pJSKzpPh2ltqn5cNav0UlL5OIQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:26 2025 by rpki-client